[2023年更新]合格できるGPEN試験にはリアルな問題解答
GPEN試験問題ゲット最新[2023]と正解回答
GPEN試験に合格するためには、ペネトレーションテスト活動の実践経験が必要です。また、ネットワークプロトコル、オペレーティングシステムソフトウェア、関連技術に深い理解を持つ必要があります。GPEN試験はペネトレーションテスターの基準として広く認知されており、この認定を取得することは、この分野の専門家のキャリアの展望を大きく向上させることができます。
GIAC GPEN認定試験は、個人の侵入テストのスキルと知識を検証するために設計されています。高度なセキュリティの脆弱性を評価する際に自分の能力に挑戦したいサイバーセキュリティ専門家に利用可能です。この試験には、ネットワーク侵入テスト、Webアプリケーション侵入テスト、パスワード攻撃、およびさまざまな他の攻撃技術など、さまざまなトピックがカバーされています。この名声高い認定資格は、IT業界で非常に高く評価されており、技術的な人材を評価する際の貴重な資格として雇用主にとっても役立ちます。
サイバーセキュリティの分野は常に進化しているため、セキュリティの専門家は、組織の資産を保護できる最新のトレンドとテクニックに対応する必要があります。浸透テストの分野で自分の専門知識を実証する最も効果的な方法の1つは、GIAC GPEN(GIAC認定侵入テスター)認定試験などの認定試験です。
質問 # 112
Which of the following can be used as a countermeasure against the SQL injection attack?
Each correct answer represents a complete solution. Choose two.
- A. Prepared statement
- B. session_regenerate_id()
- C. mysql_escape_string()
- D. mysql_real_escape_string()
正解:A、D
質問 # 113
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server.
The output of the scanning test is as follows:
C:\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = -
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1
mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
+ 200 OK: HEAD /cgi-bin/printenv
John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server. Which of the following statements about 'Printenv' vulnerability are true?
Each correct answer represents a complete solution. Choose all that apply.
- A. The countermeasure to 'printenv' vulnerability is to remove the CGI script.
- B. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.
- C. 'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.
- D. This vulnerability helps in a cross site scripting attack.
正解:A、B、D
質問 # 114
If a password is seven characters or less, the second half of the LM hash is always
___________________.
- A. 0xAAD3B435B51404EE
- B. 0xAAD3B4EE
- C. 0xAAD3B4FF
- D. 0xAAD3B435B51404FF
正解:A
質問 # 115
Which of the following options holds the strongest password?
- A. Admin1234
- B. california
- C. Joe12is23good
- D. $#164aviD^%
正解:D
質問 # 116
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He successfully performs a brute force attack on the We-are-secure server. Now, he suggests some countermeasures to avoid such brute force attacks on the We- aresecure server. Which of the following are countermeasures against a brute force attack?
Each correct answer represents a complete solution. Choose all that apply.
- A. The site should use CAPTCHA after a specific number of failed login attempts.
- B. The site should restrict the number of login attempts to only three times.
- C. The site should force its users to change their passwords from time to time.
- D. The site should increase the encryption key length of the password.
正解:A、B
質問 # 117
Which of the following are the countermeasures against WEP cracking?
Each correct answer represents a part of the solution. Choose all that apply.
- A. Using a 16 bit SSID.
- B. Changing keys often.
- C. Using a non-obvious key.
- D. Using the longest key supported by hardware.
正解:B、C、D
質問 # 118
Which of the following tools can be used to perform Windows password cracking, Windows enumeration, and VoIP session sniffing?
- A. Pass-the-hash toolkit
- B. John the Ripper
- C. L0phtcrack
- D. Cain
正解:D
質問 # 119
Which of the following is the default port value of beast Trojan?
- A. 0
- B. 1
- C. 2
- D. 3
正解:D
質問 # 120
Which of the following commands can be used for port scanning?
- A. nc -g
- B. nc -w
- C. nc -z
- D. nc -t
正解:C
質問 # 121
A customer has asked for a scan or vulnerable SSH servers. What is the penetration tester attempting to accomplish using the following Nmap command?
- A. Running an exploit against the target
- B. Checking configuration
- C. Checking protocol version
- D. Checking operating system version
正解:C
質問 # 122
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using the Linux operating system. He wants to use a wireless sniffer to sniff the We-are-secure network. Which of the following tools will he use to accomplish his task?
- A. NetStumbler
- B. Snadboy's Revelation
- C. WEPCrack
- D. Kismet
正解:D
質問 # 123
You work as a Network Administrator in the Secure Inc. You often need to send PDF documents that contain secret information, such as, client password, their credit card details, email passwords, etc. through email to your customers. However, you are making PDFs password protected you are getting complaints from customers that their secret information is being misused. When you analyze this complaint you get that however you are applying the passwords on PDFs, they are not providing the maximum protection. What may be the cause of this security hole?
- A. PDFs are sent in email in the plain-text form.
- B. PDFs can be read easily in the plain-text form by applying a sniffer.
- C. You are applying easily guessed passwords.
- D. PDF passwords can easily be cracked by brute force attacks.
正解:D
解説:
Section: Volume B
質問 # 124
Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?
- A. Post-attack phase
- B. On-attack phase
- C. Pre-attack phase
- D. Attack phase
正解:C
解説:
Section: Volume B
質問 # 125
Which of the following standards is used in wireless local area networks (WLANs)?
- A. IEEE 802.11b
- B. IEEE 802.5
- C. IEEE 802.4
- D. IEEE 802.3
正解:A
質問 # 126
When you conduct the XMAS scanning using Nmap, you find that most of the ports scanned do not give a response. What can be the state of these ports?
- A. Open
- B. Filtered
- C. Closed
正解:A
質問 # 127
You suspect that system administrators In one part of the target organization are turning off their systems during the times when penetration tests are scheduled, what feature could you add to the ' Rules of engagement' that could help your team test that part of the target organization?
- A. Un announced test
- B. Tell response personnel the exact lime the test will occur
- C. Test systems after normal business hours
- D. Limit tests to business hours
正解:C
質問 # 128
Which of the following statements are true about NTLMv1?
Each correct answer represents a complete solution. Choose all that apply.
- A. It uses the MD5 hash of the user's password.
- B. It uses the LANMAN hash of the user's password.
- C. It is mostly used when no Active Directory domain exists.
- D. It is a challenge-response authentication protocol.
正解:B、C、D
質問 # 129
Analyze the screenshot below. What type of vulnerability is being attacked?
- A. Internet Explorer
- B. Local Security Authority
- C. Windows Powershell
- D. Windows Server service
正解:A
質問 # 130
You work as a Network Penetration tester in the Secure Inc. Your company takes the projects to test the security of various companies. Recently, Secure Inc. has assigned you a project to test the security of the Bluehill Inc. For this, you start monitoring the network traffic of the Bluehill Inc.
In this process, you get that there are too many FTP packets traveling in the Bluehill Inc. network.
Now, you want to sniff the traffic and extract usernames and passwords of the FTP server. Which of the following tools will you use to accomplish the task?
- A. SARA
- B. NetStumbler
- C. L0phtcrack
- D. Ettercap
正解:D
質問 # 131
Which of the following is the correct sequence of packets to perform the 3-way handshake method?
- A. SYN, ACK, SYN/ACK
- B. SYN, ACK, ACK
- C. SYN, SYN/ACK, ACK
- D. SYN, SYN, ACK
正解:C
解説:
Section: Volume D
質問 # 132
Why is OSSTMM beneficial to the pen tester?
- A. It provides in-depth knowledge on tools
- B. It includes an automated testing engine similar to Metasploit
- C. It provides a legal and contractual framework for testing
- D. It provides report templates
正解:D
解説:
Reference:
http://www.pen-tests.com/open-source-security-testing-methodology-manual-osstmm.html
質問 # 133
Which TCP and UDP ports can be used to start a NULL session attack in NT and 2000 operating systems?
- A. 203 and 333
- B. 139 and 445
- C. 198 and 173
- D. 149 and 133
正解:B
質問 # 134
Which of the following standards is used in wireless local area networks (WLANs)?
- A. IEEE 802.11b
- B. IEEE 802.5
- C. IEEE 802.4
- D. IEEE 802.3
正解:A
質問 # 135
Which of the following are the countermeasures against WEP cracking?
Each correct answer represents a part of the solution. Choose all that apply.
- A. Using a 16 bit SSID.
- B. Changing keys often.
- C. Using a non-obvious key.
- D. Using the longest key supported by hardware.
正解:B、C、D
解説:
Section: Volume D
質問 # 136
......
練習できるGPEN問題で認証試験問題集ガイド解答は練習専門Fast2test:https://jp.fast2test.com/GPEN-premium-file.html